﻿using IdentityModel;
using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;

namespace IdentityServer
{
    public class Config
    {
        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            var customProfile = new IdentityResource(
                name: "api.profile",
                displayName: "Mvc profile",
                claimTypes: new[] { "role" });
            return new List<IdentityResource>
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                //new IdentityResource("roles","role",new List<string>{ "role"}),
                customProfile
            };
        }

        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("api1", "My API",new List<string>(){ JwtClaimTypes.Role}),
                new ApiResource("mvc1", "My MVC",new List<string>(){ JwtClaimTypes.Role})
            };
        }

        // clients want to access resources (aka scopes)
        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client
                {
                    ClientId = "AuthServer",
                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = { "api1" },
                    Claims= new List<Claim>(){new Claim("role","AuthServer") },
                    ClientClaimsPrefix = ""
                },
                 // resource owner password grant client
                new Client
                {
                    ClientId = "ro.client",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = { "api1" }
                },
                  new Client
                {
                    ClientId = "ro.client1",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = { "mvc1" }
                },
                // OpenID Connect implicit flow client (MVC)
                new Client
                {
                   ClientId = "mvc",
                   ClientName = "MVC Client",
                   AllowedGrantTypes = GrantTypes.Hybrid,
                   ClientSecrets =
                   {
                       new Secret("secret".Sha256())
                   },
                   // where to redirect to after login
                   RedirectUris = { "http://localhost:5002/signin-oidc" },

                   // where to redirect to after logout
                   PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },

                  AllowedScopes = new List<string>
                  {
                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile,
                    //"roles",
                    "mvc.profile"
                  }
                },

                 // JavaScript Client
                new Client
                {
                    ClientId = "js",
                    ClientName = "JavaScript Client",
                    AllowedGrantTypes = GrantTypes.Implicit,
                    AllowAccessTokensViaBrowser = true,

                    //RedirectUris = { "http://localhost:5003/callback.html" },
                    //PostLogoutRedirectUris = { "http://localhost:5003/index.html" },
                    RedirectUris = { "http://localhost:5003/CallBack" },
                    PostLogoutRedirectUris = { "http://localhost:5003" },
                    AllowedCorsOrigins = { "http://localhost:5003" },

                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    },
                }
            };
        }
    }

    //public static class Config
    //{

    //    public static List<TestUser> GetUsers()
    //    {
    //        return new List<TestUser>
    //        {
    //            new TestUser
    //            {
    //                SubjectId = "1",
    //                Username = "alice",
    //                Password = "password"
    //            },
    //            new TestUser
    //            {
    //                SubjectId = "2",
    //                Username = "bob",
    //                Password = "password"
    //            }
    //        };
    //    }

    //    public static IEnumerable<IdentityResource> GetIdentityResources()
    //    {
    //        var customProfile = new IdentityResource(
    //          name: "api.profile",
    //          displayName: "Mvc profile",
    //          claimTypes: new[] { "role" });
    //        return new List<IdentityResource>
    //        {
    //            new IdentityResources.OpenId(),
    //            new IdentityResources.Profile(),
    //            //new IdentityResource("roles","role",new List<string>{ "role"}),
    //            customProfile
    //        };
    //    }

    //    public static IEnumerable<ApiResource> GetApis()
    //    {
    //        return new List<ApiResource>
    //        {
    //            new ApiResource("YSC_App_WebApi", "My API")
    //        };
    //    }

    //    public static IEnumerable<Client> GetClients()
    //    {
    //        return new List<Client>
    //        {
    //             new Client
    //            {
    //                ClientId = "AuthServer",
    //                AllowedGrantTypes = GrantTypes.ClientCredentials,
    //                ClientSecrets =
    //                {
    //                    new Secret("secret".Sha256())
    //                },
    //                AllowedScopes = { "api1" },
    //                Claims= new List<Claim>(){new Claim("role","AuthServer") },
    //                ClientClaimsPrefix = ""
    //            },
    //            // resource owner password grant client
    //            new Client
    //            {
    //                ClientId = "ro.client",
    //                AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

    //                ClientSecrets =
    //                {
    //                    new Secret("secret".Sha256())
    //                },
    //                AllowedScopes = { "api1" }
    //            }
    //        };
    //    }
    //}
}
